linux/security/apparmor
Mike Salvatore 17111037fd apparmor: reset pos on failure to unpack for various functions
[ Upstream commit 156e42996b ]

Each function that manipulates the aa_ext struct should reset its "pos"
member on failure. This ensures that, on failure, no changes are made to
the state of the aa_ext struct.

There are paths where elements are optional and the error path is
used to indicate the optional element is not present. This means
instead of just aborting on error the unpack stream can become
unsynchronized on optional elements, if using one of the affected
functions.

Cc: stable@vger.kernel.org
Fixes: 736ec752d9 ("AppArmor: policy routines for loading and unpacking policy")
Signed-off-by: Mike Salvatore <mike.salvatore@canonical.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2019-09-16 08:22:16 +02:00
..
include apparmor: fix PROFILE_MEDIATES for untrusted input 2019-06-25 11:35:54 +08:00
.gitignore
apparmorfs.c apparmorfs: fix use-after-free on symlink traversal 2019-05-25 18:23:42 +02:00
audit.c
capability.c
crypto.c
domain.c apparmor: Fix aa_label_build() error handling for failed merges 2019-03-13 14:02:32 -07:00
file.c apparmor: Check buffer bounds when mapping permissions mask 2018-07-19 16:24:43 -07:00
ipc.c
Kconfig
label.c
lib.c apparmor: Fix uninitialized value in aa_split_fqname 2018-11-27 16:13:00 +01:00
lsm.c ->file_open(): lose cred argument 2018-07-12 10:04:15 -04:00
Makefile
match.c
mount.c
net.c
nulldfa.in
path.c
policy_ns.c apparmor: fix an error code in __aa_create_ns() 2018-08-21 16:24:56 -07:00
policy_unpack.c apparmor: reset pos on failure to unpack for various functions 2019-09-16 08:22:16 +02:00
policy.c
procattr.c
resource.c
secid.c apparmor: fix bad debug check in apparmor_secid_to_secctx() 2018-09-03 11:15:29 -07:00
stacksplitdfa.in
task.c